Exposed Cyber Assets in European Cities

Trend Micro’s Forward-looking Threat Research (FTR) team has focused its efforts on covering exposed cyber assets in cities across the globe, starting with U.S. cities, underscoring the need for protecting data and assets before potential compromise happens.

This time, we dove into Europe, particularly Western European capitals, the United Kingdom, France, and Germany. What we found was not different from the result of our U.S. report: millions of assets in major cities are potentially exposed to threat actors. Using the internet scanning tool Shodan, we sought to paint the landscape of Europe in terms of internet-connected devices and assets, including webcams, routers, printers, network attached storage (NAS) devices, and web and email servers.

Exposed cyber assets do not necessarily mean that the assets are vulnerable or compromised. However, if probed and found to be vulnerable by cybercriminals, these exposed assets can be used to launch attacks against the owners or even other users. Not only are the assets at risk of data theft and fraud, but they can also be used in attacks to create botnets that facilitate distributed denial-of-service (DDoS) attacks or lock down systems with ransomware.

Some key points:

London and Berlin had more than 2.5 million exposed systems. Amsterdam and Madrid, on the other hand, had numbers in the region of a million.

Webcams ranked first as the most exposed device type in France, followed by firewalls.

HTTP web servers were the most exposed software products in Western European capitals and German cities.

As many as 150,000 wireless access points (WAPs) were searchable in Germany’s Shodan data.

London, Birmingham, and Manchester were the top U.K. cities that had a number of exposed printers.

The exposure can only be expected to multiply as long as IoT implementations aren’t guided by a security-by-design approach and binding regulations from pertinent authorities. The EU General Data Protection Regulation (GDPR), for instance, is expected to be enforced this year, on May 25. By then, companies are expected to have tightened their data handling processes, or risk punitive fines of up to 4 percent of their global annual turnover of the preceding financial year, or up to 20 million euros, if provisions are infringed. GDPR will affect companies that engage in the collection or use of EU citizens’ data, even if the said companies are outside Europe.

Our infographic answers the different questions that may come up when tackling exposed cyber assets. Aside from breaking down the common reasons and motivations behind attacks on exposed internet-connected devices and systems, we also list down best practices home users and enterprises can adopt to minimize the risk of compromise and fill security gaps.

For more details on exposed cyber assets in Western Europe as a region, the United Kingdom, France, and Germany, check out our Cities Exposed in Shodan page.

2018 MIDYEAR SECURITY ROUNDUP

A review of the first half of 2018 shows a threat landscape that not only has constant and familiar features but also has morphing and uncharted facets: Ever-present threats steadily grew while emerging ones used stealth. View the 2018 Midyear Security Roundup

2018 SECURITY PREDICTIONS

Today's increasingly interconnected environments pave the way for threats that will bank on systems' weaknesses for different forms of cybercrime. How can you prepare for the year ahead?View the 2018 Security Predictions